How to install and set up BIND (DNS Server)
1. Install the BIND 9 packages
sudo apt update
sudo apt install bind9 bind9utils bind9-doc dnsutils
2. Edit the file:
sudo nano /etc/bind/named.conf.options
The parameters below are a starting point; adjust the addresses and networks to match your own:
acl trustedclients {
    localhost;
    localnets;
    10.0.0.0/24;
};
options {
    directory "/var/cache/bind";
    // recursive resolver, restricted to the trustedclients ACL
    recursion yes;
    allow-query { trustedclients; };
    allow-query-cache { trustedclients; };
    allow-recursion { trustedclients; };
    // enable the query log
    querylog yes;
    // upstream resolvers for queries not answered from cache
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    dnssec-validation auto;
    //listen-on-v6 { any; };
    listen-on-v6 port 53 { ::1; };
    listen-on port 53 { 127.0.0.1; 10.0.0.1; };
};
3. Open the defaults file:
sudo nano /etc/default/named
and set the OPTIONS parameter as follows (-u bind runs named as the bind user, -4 makes it use IPv4 only):
OPTIONS="-u bind -4"
4. Start and enable the BIND service to implement the changes made:
sudo systemctl start named
sudo systemctl enable named
5. View the BIND service status:
sudo systemctl status named
sudo systemctl status bind9
6. Restart BIND:
sudo service named restart
sudo service bind9 restart
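7. If you have the UFW firewall configured, open up access to BIND with one of the following:
sudo ufw allow Bind9
or
sudo ufw allow 53
or, to allow traffic from the 10.0.0.0/24 network only (as written, this rule permits every port from that network, not just DNS; append "port 53" to limit it to DNS):
sudo ufw insert 1 allow from 10.0.0.0/24 to any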
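The ACL options set in step 2 are what keep this server from answering recursive queries for arbitrary clients. The script below is an added example, not part of the original guide: it checks a named.conf.options file for allow-query, allow-query-cache and allow-recursion lists that match every client. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag BIND ACL options that leave the resolver open.
# Function names and the sample config are constructed for illustration.

# Print the address-match-list of "OPTION { ... };" in FILE, comments removed.
acl_value() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' ' |
        sed -n "s/.*[[:space:];{]$2[[:space:]]*{\([^}]*\)}.*/\1/p"
}

# Returns 0 = restricted, 1 = matches every client, 2 = not set explicitly.
acl_is_restricted() {
    list=$(acl_value "$1" "$2")
    [ -n "$list" ] || return 2
    for item in $(printf '%s' "$list" | tr ';' ' '); do
        case $item in
            any|0.0.0.0/0|::/0) return 1 ;;
        esac
    done
    return 0
}

# Audit the three ACL options used in step 2; return the number of findings.
# An unset option counts as a finding because the guide sets all three.
audit_resolver() {
    findings=0
    for opt in allow-query allow-query-cache allow-recursion; do
        rc=0
        acl_is_restricted "$1" "$opt" || rc=$?
        case $rc in
            0) echo "OK    $opt is restricted" ;;
            1) echo "OPEN  $opt matches any client"; findings=$((findings + 1)) ;;
            2) echo "UNSET $opt is not set explicitly"; findings=$((findings + 1)) ;;
        esac
    done
    return "$findings"
}

# Constructed sample: the options from step 2 with one ACL widened.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    recursion yes;
    allow-query { trustedclients; };
    allow-query-cache { trustedclients; };
    allow-recursion { any; };   // widened on purpose for the demo
};
EOF
audit_resolver "$sample" || echo "findings: $?"
rm -f "$sample"
```

To audit the live configuration, call audit_resolver /etc/bind/named.conf.options; running named-checkconf first confirms the file parses at all.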